Description

This web application uses a caching system. A common HTTP header was identified whose value is reflected in the response, and the response containing it is cached.

Because the value of the HTTP header is reflected in the response, it's possible to forge a malicious cached response that will later be served to victims.

Remediation

The cache key should also include the HTTP header to prevent this type of issue.
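The following is an added example, not code from the scanner or the affected application. It models a cache whose key either omits or includes the reflected header and checks whether two different requests end up sharing one cached entry. The header name X-Forwarded-Host, the host names and the toy origin are assumptions made for illustration.

```python
import hashlib

# Assumption: X-Forwarded-Host stands in for the reflected header; the page does not name it.
REFLECTED_HEADERS = ("x-forwarded-host",)


def cache_key(method, host, path, headers, keyed_headers=()):
    """Build a cache key from the request line plus every header named in keyed_headers."""
    lowered = {k.lower(): v for k, v in headers.items()}
    parts = [method.upper(), host.lower(), path]
    for name in sorted(h.lower() for h in keyed_headers):
        # A missing header is keyed as an empty value so it never collides with a set one.
        parts.append(f"{name}={lowered.get(name, '')}")
    return hashlib.sha256("\x00".join(parts).encode()).hexdigest()


def origin(headers):
    """Toy origin (constructed) that reflects the header into the body, as the finding describes."""
    lowered = {k.lower(): v for k, v in headers.items()}
    host = lowered.get("x-forwarded-host", "www.example.test")
    return f'<script src="https://{host}/app.js"></script>'


class Cache:
    def __init__(self, keyed_headers=()):
        self.keyed_headers = keyed_headers
        self.store = {}

    def fetch(self, method, host, path, headers):
        key = cache_key(method, host, path, headers, self.keyed_headers)
        if key not in self.store:  # cache miss: ask the origin and store the result
            self.store[key] = origin(headers)
        return self.store[key]


def shared_entry(cache):
    """True if a request carrying the header and a plain request receive the same cached body."""
    first = cache.fetch("GET", "www.example.test", "/", {"X-Forwarded-Host": "other.example.test"})
    second = cache.fetch("GET", "www.example.test", "/", {})
    return first == second


if __name__ == "__main__":
    print("header not in key, entry shared:", shared_entry(Cache()))
    print("header in key, entry shared:    ", shared_entry(Cache(REFLECTED_HEADERS)))
```

The same comparison can serve as a regression check against a staging cache after the key configuration is changed.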
